From c6d215e0d278fcd51ad474a3647b61e1b67290bb Mon Sep 17 00:00:00 2001 From: Bernd Edlinger Date: Fri, 23 Dec 2016 14:35:16 +0100 Subject: [PATCH] Fix a memory leak in RSA_padding_add_PKCS1_OAEP_mgf1 Signed-off-by: Kurt Roeckx Reviewed-by: Matt Caswell GH: #2140 --- crypto/rsa/rsa_oaep.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index c459b91ed2..868104f1bf 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -91,17 +91,21 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, } if (PKCS1_MGF1(dbmask, emlen - mdlen, seed, mdlen, mgf1md) < 0) - return 0; + goto err; for (i = 0; i < emlen - mdlen; i++) db[i] ^= dbmask[i]; if (PKCS1_MGF1(seedmask, mdlen, db, emlen - mdlen, mgf1md) < 0) - return 0; + goto err; for (i = 0; i < mdlen; i++) seed[i] ^= seedmask[i]; OPENSSL_free(dbmask); return 1; + + err: + OPENSSL_free(dbmask); + return 0; } int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,